SlideShare a Scribd company logo

Microsoft IT's IPv6 Killer App

Oliver Müller
Oliver Müller

IPv4 Private Address Depletion Marcus Keane

Technology
1 of 20
Download to read offline
Agenda
IPv6 Evolution • ISATAP tunneling for IPv6 enablement for development and research started in 2006. • Operating Systems IPv6 capable •  Client and Server OS’s on the corporate network IPv6 capable and prefer v6 by default • Transition Technologies •  ISATAP deployed and then deprecated in favour of dual-stack •  Initial IPv6 only pilot • Native deployed in selected locations
IPv6 Evolution continued… • World IPv6 Day June 8, 2011 • Corporate wide interest and excitement leading up to World IPv6 launch day!! • World IPv6 Launch June 6, 2012…..YAY!
Enabling IPv6 •  Routing Protocols • IGP • VPNv6 •  Security infrastructure v6 aware •  Firewalls v6 enabled •  Other security components (AMA, APT, DLP, IDS) v6 capable •  NetFlow v9 deployed •  Corporate on-prem datacenters IPv6 enabled •  Includes hardware load balancers •  Internet Peering •  IPv6 internet peering enabled •  Enabling direct v6 internet into labs on request
Internet Routing Challenges • Initial announcement of ARIN /32 from HQ in Seattle • Lack of certainty about advertising space from one regional RIR in another region • Questions about geolocation • Considered PI /48s • Proceeded to procure one /32 per region • No IPv6 NAT for first implementation – Therefore could only announce in one location in the region – E.g. Tokyo in Asia and Dublin in EMEA
IPv6 Challenges •  Enabling dual-stack at the user edge created some scaling issues • ARP and ND timers – much increased traffic • Increased control plane traffic – SSDP, LLMNR •  Challenges with introducing IPv6 into MPLS •  Issues with OSPFv2/v3 taking different paths through the network. Mostly solved by IS-IS J •  Extension Headers – quickly fixed by vendor •  Quirks introduced by IPv6 – eg DAD on WAN links •  Staff training •  IPv6 addressing seems to be hard •  Ensuring consistency between IPv4 and IPv6 during new deployment •  Operational issues with IPv6
IPv6 current status • Current Stats –  100% of WAN and Backbone is v6 enabled; IS-IS backbone (OSPFv2/v3 campus) –  63% of managed hosts are v6 enabled –  Dual stack on 20% of corporate access network –  6,400 internal v6 routes, 20,000 internal v4 routes –  DNS AAAA to A record comparison –  Expect to have complete network dual stack by end of year Europe Redmond A – 34,545 A – 410,679 AAAA – 31,946 AAAA - 321,113 FarEast Development A – 67,115 A – 147,633 AAAA- 32,039 AAAA – 131,402
IPv6 Killer App… • I know you have more v4 addresses…
Vanishing RFC1918 space – Options • Start looking at internal NAT44 OR NAT64 • We are piloting v6-only using NAT64 (with DNS64). •  For wired we are using DNS64 via Direct Access* deployment •  DHCPv6 stateful on existing DHCP server •  Cisco ASR1K for NAT64 • Wireless Guest Network •  BIND9 on Windows Server 2012 •  DHCPv6 stateless on Windows Server 2016 •  Cisco ASR1K for NAT64 *Microsoft VPN solution
V6-Only Pilot Deployment
IPv6-only Pilot Results – what works •  Native IPv6 •  Office 365 •  Xbox.com •  Microsoft.com •  Windows update (test) •  Skype for Business •  Applications via NAT64; no noticeable performance degradation •  SharePoint •  Yammer •  Bing search •  Windows RPC/SMB •  Windows RDP •  Xbox VOD, video playback
IPv6-only Pilot Results– what doesn’t work •  Applications •  Skype •  Other applications with IPv4 embedded addresses •  X-Windows applications •  Microsoft homegrown applications •  Non-client devices •  IP phones •  Conference room schedule monitor •  Security cameras
IPv6 w/NAT64 Pilot Results • Switching between v6-only wired and dual-stack wireless •  Had to disable Ethernet when switch to dual-stack wireless (Ethernet preferred over Wi-Fi) •  Without Stateful DHCPv6, no “release6, renew6” had to issue PowerShell “restart-netadapter” • Still have to figure out IPv4 embedded •  464xlat for mobile, what about wired • Operations and Troubleshooting •  Issues when one troubleshooting step is to turn off IPv6 Generally things just worked
Future Thoughts § DHCPv6 or SLAAC or both? § DNS64 deployed globally § IPv6 Multicast § NAT64 redundancy testing § TE - Segment Routing? § Management
2 0 0 1 : 4 8 9 8 : 0 0 0 0: 0 0 0 0 :0:0:0:0 0010 0000 0000 0001 0100 1000 1001 1000 0 000 0000 0000 0000 0000 0000 0000 … 0000 32 bit prefix 8 site bits 64 bit IID “I” bit 6 block bits /40 /48 /64 16 subnet bits “D” bit 0000 0000 1) Bit 33 0=Corpnet 1=Internet 2) Bit 34 0=Corpnet 1=Delegations 3) Bits 35-40 Regional Blocks Puget Sound, Canada, Americas EMEA APJ 4) Bits 41-48 Site Bits Site = Hub location ROW PS core aggregation pair First /48 reserved for infastructure 5) Bits 49-64 User Subnets 6) Bits 65-128 Host identifiers
AMA - Advanced Malware Analysis DLP - Data Loss Prevention IDS - Intrusion Detection System APT - Advanced Persistent Threats Appendix: Acronyms
Disclaimer § This presentation and the content therein cannot be, duplicated, modified or excerpted without the express written approval of Marcus Keane marcus.keane@microsoft.com 20

Recommended

Sky IPv6 Update
Sky IPv6 UpdateSky IPv6 Update
Sky IPv6 UpdateOliver Müller
 
IPv6 at CSCS
IPv6 at CSCSIPv6 at CSCS
IPv6 at CSCSSwiss IPv6 Council
 
IPv6 Status - Cisco 6lab
IPv6 Status - Cisco 6labIPv6 Status - Cisco 6lab
IPv6 Status - Cisco 6labOliver Müller
 
IPv6 in the EE Network
IPv6 in the EE NetworkIPv6 in the EE Network
IPv6 in the EE NetworkOliver Müller
 
The Use of IPv6 in IoT
The Use of IPv6 in IoTThe Use of IPv6 in IoT
The Use of IPv6 in IoTOliver Müller
 
IPV6 Network Simulation Projects Research Guidance
IPV6 Network Simulation Projects Research GuidanceIPV6 Network Simulation Projects Research Guidance
IPV6 Network Simulation Projects Research GuidancePhdtopiccom
 
Der Einsatz von Lisp für die IPv6 Migration
Der Einsatz von Lisp für die IPv6 MigrationDer Einsatz von Lisp für die IPv6 Migration
Der Einsatz von Lisp für die IPv6 MigrationSwiss IPv6 Council
 
Sky IPv6 Launch
Sky IPv6 LaunchSky IPv6 Launch
Sky IPv6 LaunchOliver Müller
 

Recommended

Sky IPv6 Update
Sky IPv6 UpdateSky IPv6 Update
Sky IPv6 UpdateOliver Müller
 
IPv6 at CSCS
IPv6 at CSCSIPv6 at CSCS
IPv6 at CSCSSwiss IPv6 Council
 
IPv6 Status - Cisco 6lab
IPv6 Status - Cisco 6labIPv6 Status - Cisco 6lab
IPv6 Status - Cisco 6labOliver Müller
 
IPv6 in the EE Network
IPv6 in the EE NetworkIPv6 in the EE Network
IPv6 in the EE NetworkOliver Müller
 
The Use of IPv6 in IoT
The Use of IPv6 in IoTThe Use of IPv6 in IoT
The Use of IPv6 in IoTOliver Müller
 
IPV6 Network Simulation Projects Research Guidance
IPV6 Network Simulation Projects Research GuidanceIPV6 Network Simulation Projects Research Guidance
IPV6 Network Simulation Projects Research GuidancePhdtopiccom
 
Der Einsatz von Lisp für die IPv6 Migration
Der Einsatz von Lisp für die IPv6 MigrationDer Einsatz von Lisp für die IPv6 Migration
Der Einsatz von Lisp für die IPv6 MigrationSwiss IPv6 Council
 
Sky IPv6 Launch
Sky IPv6 LaunchSky IPv6 Launch
Sky IPv6 LaunchOliver Müller
 
Hands-on Experience with IPv6 Routing and Services
Hands-on Experience with IPv6 Routing and ServicesHands-on Experience with IPv6 Routing and Services
Hands-on Experience with IPv6 Routing and ServicesCisco Canada
 
Multicast in OpenStack Tips
Multicast in OpenStack TipsMulticast in OpenStack Tips
Multicast in OpenStack TipsVikram G Hosakote
 
Successfully Deploying IPv6
Successfully Deploying IPv6Successfully Deploying IPv6
Successfully Deploying IPv6Zivaro Inc
 
IPv6 Deployment Panel
IPv6 Deployment PanelIPv6 Deployment Panel
IPv6 Deployment PanelShumon Huque
 
IPv6 translation methods
IPv6 translation methodsIPv6 translation methods
IPv6 translation methodsAhmad Hijazi
 
Swisscom: Testing von IPv6 Security Devices
Swisscom: Testing von IPv6 Security DevicesSwisscom: Testing von IPv6 Security Devices
Swisscom: Testing von IPv6 Security DevicesSwiss IPv6 Council
 
IPv6 experience from a large enterprise - Networkshop44
IPv6 experience from a large enterprise - Networkshop44IPv6 experience from a large enterprise - Networkshop44
IPv6 experience from a large enterprise - Networkshop44Jisc
 
IPv6 strategy for deployment at ETH Switzerland
IPv6 strategy for deployment at ETH SwitzerlandIPv6 strategy for deployment at ETH Switzerland
IPv6 strategy for deployment at ETH SwitzerlandSwiss IPv6 Council
 
CHT IPv6 Measurement and Deployment
CHT IPv6 Measurement and DeploymentCHT IPv6 Measurement and Deployment
CHT IPv6 Measurement and DeploymentAPNIC
 
Content over IPv6: no excuses
Content over IPv6: no excusesContent over IPv6: no excuses
Content over IPv6: no excusesIvan Pepelnjak
 
IPv6 Adressvergabe und Adressierung
IPv6 Adressvergabe und AdressierungIPv6 Adressvergabe und Adressierung
IPv6 Adressvergabe und AdressierungSwiss IPv6 Council
 
IPv6 Deployment In Enterprise Networks
IPv6 Deployment In Enterprise NetworksIPv6 Deployment In Enterprise Networks
IPv6 Deployment In Enterprise NetworksIvan Pepelnjak
 
IPv6 Security und Hacking
IPv6 Security und HackingIPv6 Security und Hacking
IPv6 Security und HackingSwiss IPv6 Council
 
Colt IPv6 for Business Customers Case Study - Swiss IPv6 Council Jun 2013-v3
Colt IPv6 for Business Customers Case Study - Swiss IPv6 Council Jun 2013-v3Colt IPv6 for Business Customers Case Study - Swiss IPv6 Council Jun 2013-v3
Colt IPv6 for Business Customers Case Study - Swiss IPv6 Council Jun 2013-v3Javier Benitez
 
Ipv6
Ipv6Ipv6
Ipv6Nitesh Singh
 
CBN IPv6 Deployment
CBN IPv6 DeploymentCBN IPv6 Deployment
CBN IPv6 DeploymentAPNIC
 
Successes and Challenges of IPv6 Transition at APNIC
Successes and Challenges of IPv6 Transition at APNICSuccesses and Challenges of IPv6 Transition at APNIC
Successes and Challenges of IPv6 Transition at APNICAPNIC
 
Multicast in OpenStack
Multicast in OpenStackMulticast in OpenStack
Multicast in OpenStackVikram G Hosakote
 
[2015-11월 정기 세미나] Cloud Native Platform - Pivotal
[2015-11월 정기 세미나] Cloud Native Platform - Pivotal[2015-11월 정기 세미나] Cloud Native Platform - Pivotal
[2015-11월 정기 세미나] Cloud Native Platform - PivotalOpenStack Korea Community
 
Ipv6
Ipv6Ipv6
Ipv6PrachiSharma304
 
Internet Of Things What You Need To Know - TechFuse
Internet Of Things What You Need To Know - TechFuseInternet Of Things What You Need To Know - TechFuse
Internet Of Things What You Need To Know - TechFuseRichard Harbridge
 
Tesla World 2015 Tom Raftery How the Internet of Things can solve the biggest...
Tesla World 2015 Tom Raftery How the Internet of Things can solve the biggest...Tesla World 2015 Tom Raftery How the Internet of Things can solve the biggest...
Tesla World 2015 Tom Raftery How the Internet of Things can solve the biggest...Tesla World
 

More Related Content

What's hot

Hands-on Experience with IPv6 Routing and Services
Hands-on Experience with IPv6 Routing and ServicesHands-on Experience with IPv6 Routing and Services
Hands-on Experience with IPv6 Routing and ServicesCisco Canada
 
Successfully Deploying IPv6
Successfully Deploying IPv6Successfully Deploying IPv6
Successfully Deploying IPv6Zivaro Inc
 
IPv6 Deployment Panel
IPv6 Deployment PanelIPv6 Deployment Panel
IPv6 Deployment PanelShumon Huque
 
IPv6 translation methods
IPv6 translation methodsIPv6 translation methods
IPv6 translation methodsAhmad Hijazi
 
Swisscom: Testing von IPv6 Security Devices
Swisscom: Testing von IPv6 Security DevicesSwisscom: Testing von IPv6 Security Devices
Swisscom: Testing von IPv6 Security DevicesSwiss IPv6 Council
 
IPv6 experience from a large enterprise - Networkshop44
IPv6 experience from a large enterprise - Networkshop44IPv6 experience from a large enterprise - Networkshop44
IPv6 experience from a large enterprise - Networkshop44Jisc
 
IPv6 strategy for deployment at ETH Switzerland
IPv6 strategy for deployment at ETH SwitzerlandIPv6 strategy for deployment at ETH Switzerland
IPv6 strategy for deployment at ETH SwitzerlandSwiss IPv6 Council
 
CHT IPv6 Measurement and Deployment
CHT IPv6 Measurement and DeploymentCHT IPv6 Measurement and Deployment
CHT IPv6 Measurement and DeploymentAPNIC
 
Content over IPv6: no excuses
Content over IPv6: no excusesContent over IPv6: no excuses
Content over IPv6: no excusesIvan Pepelnjak
 
IPv6 Adressvergabe und Adressierung
IPv6 Adressvergabe und AdressierungIPv6 Adressvergabe und Adressierung
IPv6 Adressvergabe und AdressierungSwiss IPv6 Council
 
IPv6 Deployment In Enterprise Networks
IPv6 Deployment In Enterprise NetworksIPv6 Deployment In Enterprise Networks
IPv6 Deployment In Enterprise NetworksIvan Pepelnjak
 
Colt IPv6 for Business Customers Case Study - Swiss IPv6 Council Jun 2013-v3
Colt IPv6 for Business Customers Case Study - Swiss IPv6 Council Jun 2013-v3Colt IPv6 for Business Customers Case Study - Swiss IPv6 Council Jun 2013-v3
Colt IPv6 for Business Customers Case Study - Swiss IPv6 Council Jun 2013-v3Javier Benitez
 
CBN IPv6 Deployment
CBN IPv6 DeploymentCBN IPv6 Deployment
CBN IPv6 DeploymentAPNIC
 
Successes and Challenges of IPv6 Transition at APNIC
Successes and Challenges of IPv6 Transition at APNICSuccesses and Challenges of IPv6 Transition at APNIC
Successes and Challenges of IPv6 Transition at APNICAPNIC
 
[2015-11월 정기 세미나] Cloud Native Platform - Pivotal
[2015-11월 정기 세미나] Cloud Native Platform - Pivotal[2015-11월 정기 세미나] Cloud Native Platform - Pivotal
[2015-11월 정기 세미나] Cloud Native Platform - PivotalOpenStack Korea Community
 

What's hot (20)

Hands-on Experience with IPv6 Routing and Services
Hands-on Experience with IPv6 Routing and ServicesHands-on Experience with IPv6 Routing and Services
Hands-on Experience with IPv6 Routing and Services
 
Multicast in OpenStack Tips
Multicast in OpenStack TipsMulticast in OpenStack Tips
Multicast in OpenStack Tips
 
Successfully Deploying IPv6
Successfully Deploying IPv6Successfully Deploying IPv6
Successfully Deploying IPv6
 
IPv6 Deployment Panel
IPv6 Deployment PanelIPv6 Deployment Panel
IPv6 Deployment Panel
 
IPv6 translation methods
IPv6 translation methodsIPv6 translation methods
IPv6 translation methods
 
Swisscom: Testing von IPv6 Security Devices
Swisscom: Testing von IPv6 Security DevicesSwisscom: Testing von IPv6 Security Devices
Swisscom: Testing von IPv6 Security Devices
 
IPv6 experience from a large enterprise - Networkshop44
IPv6 experience from a large enterprise - Networkshop44IPv6 experience from a large enterprise - Networkshop44
IPv6 experience from a large enterprise - Networkshop44
 
IPv6 strategy for deployment at ETH Switzerland
IPv6 strategy for deployment at ETH SwitzerlandIPv6 strategy for deployment at ETH Switzerland
IPv6 strategy for deployment at ETH Switzerland
 
CHT IPv6 Measurement and Deployment
CHT IPv6 Measurement and DeploymentCHT IPv6 Measurement and Deployment
CHT IPv6 Measurement and Deployment
 
Content over IPv6: no excuses
Content over IPv6: no excusesContent over IPv6: no excuses
Content over IPv6: no excuses
 
IPv6 Adressvergabe und Adressierung
IPv6 Adressvergabe und AdressierungIPv6 Adressvergabe und Adressierung
IPv6 Adressvergabe und Adressierung
 
IPv6 Deployment In Enterprise Networks
IPv6 Deployment In Enterprise NetworksIPv6 Deployment In Enterprise Networks
IPv6 Deployment In Enterprise Networks
 
IPv6 Security und Hacking
IPv6 Security und HackingIPv6 Security und Hacking
IPv6 Security und Hacking
 
Colt IPv6 for Business Customers Case Study - Swiss IPv6 Council Jun 2013-v3
Colt IPv6 for Business Customers Case Study - Swiss IPv6 Council Jun 2013-v3Colt IPv6 for Business Customers Case Study - Swiss IPv6 Council Jun 2013-v3
Colt IPv6 for Business Customers Case Study - Swiss IPv6 Council Jun 2013-v3
 
Ipv6
Ipv6Ipv6
Ipv6
 
CBN IPv6 Deployment
CBN IPv6 DeploymentCBN IPv6 Deployment
CBN IPv6 Deployment
 
Successes and Challenges of IPv6 Transition at APNIC
Successes and Challenges of IPv6 Transition at APNICSuccesses and Challenges of IPv6 Transition at APNIC
Successes and Challenges of IPv6 Transition at APNIC
 
Multicast in OpenStack
Multicast in OpenStackMulticast in OpenStack
Multicast in OpenStack
 
[2015-11월 정기 세미나] Cloud Native Platform - Pivotal
[2015-11월 정기 세미나] Cloud Native Platform - Pivotal[2015-11월 정기 세미나] Cloud Native Platform - Pivotal
[2015-11월 정기 세미나] Cloud Native Platform - Pivotal
 
Ipv6
Ipv6Ipv6
Ipv6
 

Viewers also liked

Internet Of Things What You Need To Know - TechFuse
Internet Of Things What You Need To Know - TechFuseInternet Of Things What You Need To Know - TechFuse
Internet Of Things What You Need To Know - TechFuseRichard Harbridge
 
Tesla World 2015 Tom Raftery How the Internet of Things can solve the biggest...
Tesla World 2015 Tom Raftery How the Internet of Things can solve the biggest...Tesla World 2015 Tom Raftery How the Internet of Things can solve the biggest...
Tesla World 2015 Tom Raftery How the Internet of Things can solve the biggest...Tesla World
 
4 to 6: It is time, a presentation about IPv6 in Mission Critical Environments
4 to 6: It is time, a presentation about IPv6 in Mission Critical Environments4 to 6: It is time, a presentation about IPv6 in Mission Critical Environments
4 to 6: It is time, a presentation about IPv6 in Mission Critical EnvironmentsErwin Blekkenhorst
 
UK IPv6 Council Update
UK IPv6 Council UpdateUK IPv6 Council Update
UK IPv6 Council UpdateOliver Müller
 
IPv6 Global Status - IPv6 Essentials
IPv6 Global Status - IPv6 EssentialsIPv6 Global Status - IPv6 Essentials
IPv6 Global Status - IPv6 EssentialsOliver Müller
 
Koomey on Internet infrastructure energy 101
Koomey on Internet infrastructure energy 101Koomey on Internet infrastructure energy 101
Koomey on Internet infrastructure energy 101Jonathan Koomey
 
Azure IoT suite - A look behind the curtain (Sam Vanhoutte @AZUG Event)
Azure IoT suite - A look behind the curtain (Sam Vanhoutte @AZUG Event)Azure IoT suite - A look behind the curtain (Sam Vanhoutte @AZUG Event)
Azure IoT suite - A look behind the curtain (Sam Vanhoutte @AZUG Event)Codit
 

Viewers also liked (8)

Internet Of Things What You Need To Know - TechFuse
Internet Of Things What You Need To Know - TechFuseInternet Of Things What You Need To Know - TechFuse
Internet Of Things What You Need To Know - TechFuse
 
Tesla World 2015 Tom Raftery How the Internet of Things can solve the biggest...
Tesla World 2015 Tom Raftery How the Internet of Things can solve the biggest...Tesla World 2015 Tom Raftery How the Internet of Things can solve the biggest...
Tesla World 2015 Tom Raftery How the Internet of Things can solve the biggest...
 
4 to 6: It is time, a presentation about IPv6 in Mission Critical Environments
4 to 6: It is time, a presentation about IPv6 in Mission Critical Environments4 to 6: It is time, a presentation about IPv6 in Mission Critical Environments
4 to 6: It is time, a presentation about IPv6 in Mission Critical Environments
 
IPv6 Can No Longer Be Ignored
IPv6 Can No Longer Be IgnoredIPv6 Can No Longer Be Ignored
IPv6 Can No Longer Be Ignored
 
UK IPv6 Council Update
UK IPv6 Council UpdateUK IPv6 Council Update
UK IPv6 Council Update
 
IPv6 Global Status - IPv6 Essentials
IPv6 Global Status - IPv6 EssentialsIPv6 Global Status - IPv6 Essentials
IPv6 Global Status - IPv6 Essentials
 
Koomey on Internet infrastructure energy 101
Koomey on Internet infrastructure energy 101Koomey on Internet infrastructure energy 101
Koomey on Internet infrastructure energy 101
 
Azure IoT suite - A look behind the curtain (Sam Vanhoutte @AZUG Event)
Azure IoT suite - A look behind the curtain (Sam Vanhoutte @AZUG Event)Azure IoT suite - A look behind the curtain (Sam Vanhoutte @AZUG Event)
Azure IoT suite - A look behind the curtain (Sam Vanhoutte @AZUG Event)
 

Similar to Microsoft IT's IPv6 Killer App

CAv6TF Meeting - 2014-05-27 - IPv6@ VMware Integration Engineering
CAv6TF Meeting - 2014-05-27 - IPv6@ VMware Integration EngineeringCAv6TF Meeting - 2014-05-27 - IPv6@ VMware Integration Engineering
CAv6TF Meeting - 2014-05-27 - IPv6@ VMware Integration EngineeringChristian Elsen
 
Tech 2 Tech IPv6 presentation
Tech 2 Tech IPv6 presentationTech 2 Tech IPv6 presentation
Tech 2 Tech IPv6 presentationJisc
 
IPv6 in Cellular Networks
IPv6 in Cellular NetworksIPv6 in Cellular Networks
IPv6 in Cellular NetworksAPNIC
 
Rapid IPv6 Deployment for ISP Networks
Rapid IPv6 Deployment for ISP NetworksRapid IPv6 Deployment for ISP Networks
Rapid IPv6 Deployment for ISP NetworksSkeeve Stevens
 
ARIN 36 IETF IPv6 Activities Report
ARIN 36 IETF IPv6 Activities ReportARIN 36 IETF IPv6 Activities Report
ARIN 36 IETF IPv6 Activities ReportARIN
 
2012 11-09 facex - i pv6 transition planning-
2012 11-09 facex - i pv6 transition planning-2012 11-09 facex - i pv6 transition planning-
2012 11-09 facex - i pv6 transition planning-Eduardo Coelho
 
TCP/IP Geeks Stockholm :: Introduction to IPv6
TCP/IP Geeks Stockholm :: Introduction to IPv6TCP/IP Geeks Stockholm :: Introduction to IPv6
TCP/IP Geeks Stockholm :: Introduction to IPv6Olle E Johansson
 
Apnic IPv6 Deployment
Apnic IPv6 DeploymentApnic IPv6 Deployment
Apnic IPv6 DeploymentAPNIC
 
IPv6: We Care So You Don't Have To
IPv6: We Care So You Don't Have ToIPv6: We Care So You Don't Have To
IPv6: We Care So You Don't Have ToGary Wilhelm
 
APNIC Update
APNIC Update APNIC Update
APNIC Update APNIC
 
12.00 - Dr. Tim Chown - University of Southampton
12.00 - Dr. Tim Chown - University of Southampton12.00 - Dr. Tim Chown - University of Southampton
12.00 - Dr. Tim Chown - University of SouthamptonIPv6 Summit 2010
 
fgont-h2hc-2020-ipv6-security.pdf
fgont-h2hc-2020-ipv6-security.pdffgont-h2hc-2020-ipv6-security.pdf
fgont-h2hc-2020-ipv6-security.pdfFernandoGont
 
02 - IDNOG04 - Sheryl Hermoso (APNIC) - IPv6 Deployment at APNIC
02 - IDNOG04 - Sheryl Hermoso (APNIC) - IPv6 Deployment at APNIC02 - IDNOG04 - Sheryl Hermoso (APNIC) - IPv6 Deployment at APNIC
02 - IDNOG04 - Sheryl Hermoso (APNIC) - IPv6 Deployment at APNICIndonesia Network Operators Group
 
4. IPv6 Security - Workshop mit Live Demo - Marco Senn Fortinet
4. IPv6 Security - Workshop mit Live Demo - Marco Senn Fortinet4. IPv6 Security - Workshop mit Live Demo - Marco Senn Fortinet
4. IPv6 Security - Workshop mit Live Demo - Marco Senn FortinetDigicomp Academy AG
 
IPv6 Security - Workshop mit Live Demo
IPv6 Security - Workshop mit Live DemoIPv6 Security - Workshop mit Live Demo
IPv6 Security - Workshop mit Live DemoDigicomp Academy AG
 
IPv6 deployment at APNIC
IPv6 deployment at APNICIPv6 deployment at APNIC
IPv6 deployment at APNICAPNIC
 
Deploying IPv6-mostly access networks
Deploying IPv6-mostly access networksDeploying IPv6-mostly access networks
Deploying IPv6-mostly access networksRIPE NCC
 

Similar to Microsoft IT's IPv6 Killer App (20)

CAv6TF Meeting - 2014-05-27 - IPv6@ VMware Integration Engineering
CAv6TF Meeting - 2014-05-27 - IPv6@ VMware Integration EngineeringCAv6TF Meeting - 2014-05-27 - IPv6@ VMware Integration Engineering
CAv6TF Meeting - 2014-05-27 - IPv6@ VMware Integration Engineering
 
Tech 2 Tech IPv6 presentation
Tech 2 Tech IPv6 presentationTech 2 Tech IPv6 presentation
Tech 2 Tech IPv6 presentation
 
IPv6 on the Interop Network
IPv6 on the Interop NetworkIPv6 on the Interop Network
IPv6 on the Interop Network
 
IPv6 in Cellular Networks
IPv6 in Cellular NetworksIPv6 in Cellular Networks
IPv6 in Cellular Networks
 
Rapid IPv6 Deployment for ISP Networks
Rapid IPv6 Deployment for ISP NetworksRapid IPv6 Deployment for ISP Networks
Rapid IPv6 Deployment for ISP Networks
 
ARIN 36 IETF IPv6 Activities Report
ARIN 36 IETF IPv6 Activities ReportARIN 36 IETF IPv6 Activities Report
ARIN 36 IETF IPv6 Activities Report
 
2012 11-09 facex - i pv6 transition planning-
2012 11-09 facex - i pv6 transition planning-2012 11-09 facex - i pv6 transition planning-
2012 11-09 facex - i pv6 transition planning-
 
TCP/IP Geeks Stockholm :: Introduction to IPv6
TCP/IP Geeks Stockholm :: Introduction to IPv6TCP/IP Geeks Stockholm :: Introduction to IPv6
TCP/IP Geeks Stockholm :: Introduction to IPv6
 
Apnic IPv6 Deployment
Apnic IPv6 DeploymentApnic IPv6 Deployment
Apnic IPv6 Deployment
 
IPv6: We Care So You Don't Have To
IPv6: We Care So You Don't Have ToIPv6: We Care So You Don't Have To
IPv6: We Care So You Don't Have To
 
APNIC Update
APNIC Update APNIC Update
APNIC Update
 
12.00 - Dr. Tim Chown - University of Southampton
12.00 - Dr. Tim Chown - University of Southampton12.00 - Dr. Tim Chown - University of Southampton
12.00 - Dr. Tim Chown - University of Southampton
 
fgont-h2hc-2020-ipv6-security.pdf
fgont-h2hc-2020-ipv6-security.pdffgont-h2hc-2020-ipv6-security.pdf
fgont-h2hc-2020-ipv6-security.pdf
 
02 - IDNOG04 - Sheryl Hermoso (APNIC) - IPv6 Deployment at APNIC
02 - IDNOG04 - Sheryl Hermoso (APNIC) - IPv6 Deployment at APNIC02 - IDNOG04 - Sheryl Hermoso (APNIC) - IPv6 Deployment at APNIC
02 - IDNOG04 - Sheryl Hermoso (APNIC) - IPv6 Deployment at APNIC
 
4. IPv6 Security - Workshop mit Live Demo - Marco Senn Fortinet
4. IPv6 Security - Workshop mit Live Demo - Marco Senn Fortinet4. IPv6 Security - Workshop mit Live Demo - Marco Senn Fortinet
4. IPv6 Security - Workshop mit Live Demo - Marco Senn Fortinet
 
IPv6 Security - Workshop mit Live Demo
IPv6 Security - Workshop mit Live DemoIPv6 Security - Workshop mit Live Demo
IPv6 Security - Workshop mit Live Demo
 
IPv6 deployment at APNIC
IPv6 deployment at APNICIPv6 deployment at APNIC
IPv6 deployment at APNIC
 
IPv6 in cellular networks - Jordi Palet
IPv6 in cellular networks - Jordi PaletIPv6 in cellular networks - Jordi Palet
IPv6 in cellular networks - Jordi Palet
 
Getting The World IPv6 Enabled
Getting The World IPv6 EnabledGetting The World IPv6 Enabled
Getting The World IPv6 Enabled
 
Deploying IPv6-mostly access networks
Deploying IPv6-mostly access networksDeploying IPv6-mostly access networks
Deploying IPv6-mostly access networks
 

Recently uploaded

Gen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfGen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfAddepto
 
APIForce Zurich 5 April Automation LPDG
APIForce Zurich 5 April Automation LPDGAPIForce Zurich 5 April Automation LPDG
APIForce Zurich 5 April Automation LPDGMarianaLemus7
 
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
"Federated learning: out of reach no matter how close",Oleksandr LapshynFwdays
 
SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024Scott Keck-Warren
 
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticsKotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticscarlostorres15106
 
CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):comworks
 
Unraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfUnraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfAlex Barbosa Coqueiro
 
Unleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubUnleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubKalema Edgar
 
Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024Enterprise Knowledge
 
costume and set research powerpoint presentation
costume and set research powerpoint presentationcostume and set research powerpoint presentation
costume and set research powerpoint presentationphoebematthew05
 
Pigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping ElbowsPigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping ElbowsPigging Solutions
 
New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024BookNet Canada
 
Science&tech:THE INFORMATION AGE STS.pdf
Science&tech:THE INFORMATION AGE STS.pdfScience&tech:THE INFORMATION AGE STS.pdf
Science&tech:THE INFORMATION AGE STS.pdfjimielynbastida
 
Understanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitectureUnderstanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitecturePixlogix Infotech
 
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...shyamraj55
 
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 3652toLead Limited
 
Pigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food ManufacturingPigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food ManufacturingPigging Solutions
 
Artificial intelligence in the post-deep learning era
Artificial intelligence in the post-deep learning eraArtificial intelligence in the post-deep learning era
Artificial intelligence in the post-deep learning eraDeakin University
 
Build your next Gen AI Breakthrough - April 2024
Build your next Gen AI Breakthrough - April 2024Build your next Gen AI Breakthrough - April 2024
Build your next Gen AI Breakthrough - April 2024Neo4j
 

Recently uploaded (20)

Gen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfGen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdf
 
APIForce Zurich 5 April Automation LPDG
APIForce Zurich 5 April Automation LPDGAPIForce Zurich 5 April Automation LPDG
APIForce Zurich 5 April Automation LPDG
 
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
 
SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024
 
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticsKotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
 
CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):
 
Unraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfUnraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdf
 
Unleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubUnleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding Club
 
Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024
 
costume and set research powerpoint presentation
costume and set research powerpoint presentationcostume and set research powerpoint presentation
costume and set research powerpoint presentation
 
Pigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping ElbowsPigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping Elbows
 
New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
 
Science&tech:THE INFORMATION AGE STS.pdf
Science&tech:THE INFORMATION AGE STS.pdfScience&tech:THE INFORMATION AGE STS.pdf
Science&tech:THE INFORMATION AGE STS.pdf
 
DMCC Future of Trade Web3 - Special Edition
DMCC Future of Trade Web3 - Special EditionDMCC Future of Trade Web3 - Special Edition
DMCC Future of Trade Web3 - Special Edition
 
Understanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitectureUnderstanding the Laravel MVC Architecture
Understanding the Laravel MVC Architecture
 
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
 
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
 
Pigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food ManufacturingPigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food Manufacturing
 
Artificial intelligence in the post-deep learning era
Artificial intelligence in the post-deep learning eraArtificial intelligence in the post-deep learning era
Artificial intelligence in the post-deep learning era
 
Build your next Gen AI Breakthrough - April 2024
Build your next Gen AI Breakthrough - April 2024Build your next Gen AI Breakthrough - April 2024
Build your next Gen AI Breakthrough - April 2024
 

Microsoft IT's IPv6 Killer App

  • 1.
  • 2.
  • 4. IPv6 Evolution • ISATAP tunneling for IPv6 enablement for development and research started in 2006. • Operating Systems IPv6 capable •  Client and Server OS’s on the corporate network IPv6 capable and prefer v6 by default • Transition Technologies •  ISATAP deployed and then deprecated in favour of dual-stack •  Initial IPv6 only pilot • Native deployed in selected locations
  • 5. IPv6 Evolution continued… • World IPv6 Day June 8, 2011 • Corporate wide interest and excitement leading up to World IPv6 launch day!! • World IPv6 Launch June 6, 2012…..YAY!
  • 6. Enabling IPv6 •  Routing Protocols • IGP • VPNv6 •  Security infrastructure v6 aware •  Firewalls v6 enabled •  Other security components (AMA, APT, DLP, IDS) v6 capable •  NetFlow v9 deployed •  Corporate on-prem datacenters IPv6 enabled •  Includes hardware load balancers •  Internet Peering •  IPv6 internet peering enabled •  Enabling direct v6 internet into labs on request
  • 7. Internet Routing Challenges • Initial announcement of ARIN /32 from HQ in Seattle • Lack of certainty about advertising space from one regional RIR in another region • Questions about geolocation • Considered PI /48s • Proceeded to procure one /32 per region • No IPv6 NAT for first implementation – Therefore could only announce in one location in the region – E.g. Tokyo in Asia and Dublin in EMEA
  • 8. IPv6 Challenges •  Enabling dual-stack at the user edge created some scaling issues • ARP and ND timers – much increased traffic • Increased control plane traffic – SSDP, LLMNR •  Challenges with introducing IPv6 into MPLS •  Issues with OSPFv2/v3 taking different paths through the network. Mostly solved by IS-IS J •  Extension Headers – quickly fixed by vendor •  Quirks introduced by IPv6 – eg DAD on WAN links •  Staff training •  IPv6 addressing seems to be hard •  Ensuring consistency between IPv4 and IPv6 during new deployment •  Operational issues with IPv6
  • 9. IPv6 current status • Current Stats –  100% of WAN and Backbone is v6 enabled; IS-IS backbone (OSPFv2/v3 campus) –  63% of managed hosts are v6 enabled –  Dual stack on 20% of corporate access network –  6,400 internal v6 routes, 20,000 internal v4 routes –  DNS AAAA to A record comparison –  Expect to have complete network dual stack by end of year Europe Redmond A – 34,545 A – 410,679 AAAA – 31,946 AAAA - 321,113 FarEast Development A – 67,115 A – 147,633 AAAA- 32,039 AAAA – 131,402
  • 10. IPv6 Killer App… • I know you have more v4 addresses…
  • 11. Vanishing RFC1918 space – Options • Start looking at internal NAT44 OR NAT64 • We are piloting v6-only using NAT64 (with DNS64). •  For wired we are using DNS64 via Direct Access* deployment •  DHCPv6 stateful on existing DHCP server •  Cisco ASR1K for NAT64 • Wireless Guest Network •  BIND9 on Windows Server 2012 •  DHCPv6 stateless on Windows Server 2016 •  Cisco ASR1K for NAT64 *Microsoft VPN solution
  • 13. IPv6-only Pilot Results – what works •  Native IPv6 •  Office 365 •  Xbox.com •  Microsoft.com •  Windows update (test) •  Skype for Business •  Applications via NAT64; no noticeable performance degradation •  SharePoint •  Yammer •  Bing search •  Windows RPC/SMB •  Windows RDP •  Xbox VOD, video playback
  • 14. IPv6-only Pilot Results– what doesn’t work •  Applications •  Skype •  Other applications with IPv4 embedded addresses •  X-Windows applications •  Microsoft homegrown applications •  Non-client devices •  IP phones •  Conference room schedule monitor •  Security cameras
  • 15. IPv6 w/NAT64 Pilot Results • Switching between v6-only wired and dual-stack wireless •  Had to disable Ethernet when switch to dual-stack wireless (Ethernet preferred over Wi-Fi) •  Without Stateful DHCPv6, no “release6, renew6” had to issue PowerShell “restart-netadapter” • Still have to figure out IPv4 embedded •  464xlat for mobile, what about wired • Operations and Troubleshooting •  Issues when one troubleshooting step is to turn off IPv6 Generally things just worked
  • 16. Future Thoughts § DHCPv6 or SLAAC or both? § DNS64 deployed globally § IPv6 Multicast § NAT64 redundancy testing § TE - Segment Routing? § Management
  • 17.
  • 18. 2 0 0 1 : 4 8 9 8 : 0 0 0 0: 0 0 0 0 :0:0:0:0 0010 0000 0000 0001 0100 1000 1001 1000 0 000 0000 0000 0000 0000 0000 0000 … 0000 32 bit prefix 8 site bits 64 bit IID “I” bit 6 block bits /40 /48 /64 16 subnet bits “D” bit 0000 0000 1) Bit 33 0=Corpnet 1=Internet 2) Bit 34 0=Corpnet 1=Delegations 3) Bits 35-40 Regional Blocks Puget Sound, Canada, Americas EMEA APJ 4) Bits 41-48 Site Bits Site = Hub location ROW PS core aggregation pair First /48 reserved for infastructure 5) Bits 49-64 User Subnets 6) Bits 65-128 Host identifiers
  • 19. AMA - Advanced Malware Analysis DLP - Data Loss Prevention IDS - Intrusion Detection System APT - Advanced Persistent Threats Appendix: Acronyms
  • 20. Disclaimer § This presentation and the content therein cannot be, duplicated, modified or excerpted without the express written approval of Marcus Keane marcus.keane@microsoft.com 20